The SEI helps advance software engineering principles and practices and serves as a national resource in software engineering, computer security, and process improvement. The SEI works closely with defense and government organizations, industry, and academia to continually improve software-intensive systems. Its core purpose is to help organizations improve their software engineering capabilities and develop or acquire the right software, defect free, within budget and on time, every time.

Abstract

Training personnel to assure the secure development, sustainment, and acquisition of software code is a national priority. However, in the secure software domain, there is no single, commonly accepted point of reference to direct software assurance education and training. In response to this problem, the CERT Program at Carnegie Mellon University's Software Engineering Institute recently led the development of a Master of Software Assurance (MSwA) Reference Curriculum. This report examines how the recommendations of the MSwA Reference Curriculum might be integrated into the model curriculum recommendations for a Master of Science in Information Systems (MSIS). This integration is important because IS programs constitute a key portion of computer education programs in the United States. The report describes the content areas of the MSIS curriculum that appear to be most relevant to secure software assurance practice. It also details the places in the current MSIS curriculum model where recommendations of the MSwA Reference Curriculum appear to fit. In addition the report explains how those recommendations can be integrated into a conventional MSIS curriculum and provides an example of an existing MSIS curriculum that embodies them.